Oval Definition:	oval:org.opensuse.security:def:60927
Revision Date: 2020-12-01 Version: 1 Title: Security update for permissions (Moderate) Description: This update for permissions fixes the following issues: - CVE-2019-3688: Changed wrong ownership in /usr/sbin/pinger to root:squid which could have allowed a squid user to gain persistence by changing the binary (bsc#1093414). - CVE-2019-3690: Fixed a privilege escalation through untrusted symbolic links (bsc#1150734). - Fixed a regression which caused segmentation fault (bsc#1157198). Family: unix Class: patch Status: Reference(s): 1028103 1035807 1036457 1047873 1057247 1059809 1059811 1065729 1079600 1093414 1112209 1113534 1113652 1113742 1120470 1120502 1120503 1120504 1120584 1120589 1124937 1146351 1149652 1150734 1152457 1153892 1154162 1155787 1157198 1157471 1160398 1160968 1162002 1162972 1164910 1165439 1169511 1170011 1170618 1171078 1171189 1171191 1171220 1171732 1171988 1172453 1172458 1172775 1172999 1173280 1173658 1174115 1174462 1174543 1176756 1177872 CVE-2016-10244 CVE-2017-11108 CVE-2017-11541 CVE-2017-11542 CVE-2017-11543 CVE-2017-12893 CVE-2017-12894 CVE-2017-12895 CVE-2017-12896 CVE-2017-12897 CVE-2017-12898 CVE-2017-12899 CVE-2017-12900 CVE-2017-12901 CVE-2017-12902 CVE-2017-12985 CVE-2017-12986 CVE-2017-12987 CVE-2017-12988 CVE-2017-12989 CVE-2017-12990 CVE-2017-12991 CVE-2017-12992 CVE-2017-12993 CVE-2017-12994 CVE-2017-12995 CVE-2017-12996 CVE-2017-12997 CVE-2017-12998 CVE-2017-12999 CVE-2017-13000 CVE-2017-13001 CVE-2017-13002 CVE-2017-13003 CVE-2017-13004 CVE-2017-13005 CVE-2017-13006 CVE-2017-13007 CVE-2017-13008 CVE-2017-13009 CVE-2017-13010 CVE-2017-13011 CVE-2017-13012 CVE-2017-13013 CVE-2017-13014 CVE-2017-13015 CVE-2017-13016 CVE-2017-13017 CVE-2017-13018 CVE-2017-13019 CVE-2017-13020 CVE-2017-13021 CVE-2017-13022 CVE-2017-13023 CVE-2017-13024 CVE-2017-13025 CVE-2017-13026 CVE-2017-13027 CVE-2017-13028 CVE-2017-13029 CVE-2017-13030 CVE-2017-13031 CVE-2017-13032 CVE-2017-13033 CVE-2017-13034 CVE-2017-13035 CVE-2017-13036 CVE-2017-13037 CVE-2017-13038 CVE-2017-13039 CVE-2017-13040 CVE-2017-13041 CVE-2017-13042 CVE-2017-13043 CVE-2017-13044 CVE-2017-13045 CVE-2017-13046 CVE-2017-13047 CVE-2017-13048 CVE-2017-13049 CVE-2017-13050 CVE-2017-13051 CVE-2017-13052 CVE-2017-13053 CVE-2017-13054 CVE-2017-13055 CVE-2017-13687 CVE-2017-13688 CVE-2017-13689 CVE-2017-13690 CVE-2017-13725 CVE-2017-14632 CVE-2017-14633 CVE-2017-2518 CVE-2017-7864 CVE-2017-8105 CVE-2017-8287 CVE-2018-0734 CVE-2018-20544 CVE-2018-20545 CVE-2018-20546 CVE-2018-20547 CVE-2018-20548 CVE-2018-20549 CVE-2018-5407 CVE-2019-17544 CVE-2019-19191 CVE-2019-20810 CVE-2019-20812 CVE-2019-2974 CVE-2019-3688 CVE-2019-3690 CVE-2019-4732 CVE-2019-6212 CVE-2019-6215 CVE-2019-6216 CVE-2019-6217 CVE-2019-6226 CVE-2019-6227 CVE-2019-6229 CVE-2019-6233 CVE-2019-6234 CVE-2020-0305 CVE-2020-10135 CVE-2020-10711 CVE-2020-10732 CVE-2020-10751 CVE-2020-10773 CVE-2020-12771 CVE-2020-13974 CVE-2020-14416 CVE-2020-15683 CVE-2020-15969 CVE-2020-1747 CVE-2020-2583 CVE-2020-2593 CVE-2020-2604 CVE-2020-2659 CVE-2020-2754 CVE-2020-2755 CVE-2020-2756 CVE-2020-2757 CVE-2020-2773 CVE-2020-2781 CVE-2020-2800 CVE-2020-2803 CVE-2020-2805 CVE-2020-2830 SUSE-SU-2017:2854-1 SUSE-SU-2018:0015-1 SUSE-SU-2018:0414-1 SUSE-SU-2019:0511-1 SUSE-SU-2019:3180-1 SUSE-SU-2020:0050-1 SUSE-SU-2020:0528-1 SUSE-SU-2020:1285-1 SUSE-SU-2020:1686-1 SUSE-SU-2020:2152-1 SUSE-SU-2020:3053-1 Platform(s): openSUSE Leap 15.1 openSUSE Leap 15.1 NonFree SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-ESPOS SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information expat-2.2.5-lp151.3.3 is installed OR libexpat-devel-2.2.5-lp151.3.3 is installed OR libexpat-devel-32bit-2.2.5-lp151.3.3 is installed OR libexpat1-2.2.5-lp151.3.3 is installed OR libexpat1-32bit-2.2.5-lp151.3.3 is installed Definition Synopsis openSUSE Leap 15.1 NonFree is installed AND opera-69.0.3686.49-lp151.2.21 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND tcpdump-4.9.2-14.5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information java-1_8_0-openjdk-1.8.0.252-27.45 is installed OR java-1_8_0-openjdk-demo-1.8.0.252-27.45 is installed OR java-1_8_0-openjdk-devel-1.8.0.252-27.45 is installed OR java-1_8_0-openjdk-headless-1.8.0.252-27.45 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information libshibsp-lite6-2.5.5-6.6 is installed OR libshibsp6-2.5.5-6.6 is installed OR shibboleth-sp-2.5.5-6.6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information libmysqlclient18-10.0.40.2-29.35 is installed OR libmysqlclient18-32bit-10.0.40.2-29.35 is installed OR mariadb-10.0.40.2-29.35 is installed OR mariadb-client-10.0.40.2-29.35 is installed OR mariadb-errormessages-10.0.40.2-29.35 is installed OR mariadb-tools-10.0.40.2-29.35 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libopenssl-devel-1.0.2j-60.46 is installed OR libopenssl1_0_0-1.0.2j-60.46 is installed OR libopenssl1_0_0-32bit-1.0.2j-60.46 is installed OR libopenssl1_0_0-hmac-1.0.2j-60.46 is installed OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.46 is installed OR openssl-1.0.2j-60.46 is installed OR openssl-doc-1.0.2j-60.46 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information dracut-044.1-9 is installed OR dracut-fips-044.1-9 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4-ESPOS is installed AND squid-3.5.21-26.29 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND permissions-2015.09.28.1626-17.20 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information libxerces-c-3_1-3.1.1-13.3 is installed OR libxerces-c-3_1-32bit-3.1.1-13.3 is installed OR xerces-c-3.1.1-13.3 is installed
BACK